Samba has it's own password expiry attributes, and assuming your users log
into the samba domain, they should be prompted to change their passwords.
However, currently there is no easy way to keep the password expiry attributes
in sync if passwords are not changed exclusively with samba. Unfortunately
ppolicy + smbk5pwd don't update all samba password expiry attributes (I should
file an ITS ...).

Perhaps you should file an enhancement request with the Samba folks instead.
The LDAP password policy is intended to be usable by other applications. I
seem to recall Andrew Bartlet mentioning that he already added code to work
with it, but perhaps that's only in Samba4 and not Samba3...